Privacy Policy

Introduction

This Privacy Policy explains how PhotoStreamr collects, uses, shares, and protects your data. We are committed to transparency about how we handle your information and to giving you control over your data.

Data Collection and Sharing

PhotoStreamr collects and processes the following types of data:

Data We Collect But Do Not Share with Third Parties

• Email Addresses: Collected during Google authentication and stored securely on your device using encryption. This data is required for account management and app functionality.
• User IDs: Authentication tokens and identifiers used to maintain your login state with services like Google and Spotify. These are stored securely using encryption on your device only.
• Location Data: We request access to your device's approximate or precise location only if you enable the weather widget feature. This data is used to provide local weather information and is processed only while this feature is in use. You can control this permission through your device settings.
• Photos: We access photos you select for display in the screensaver. Photos may be cached locally on your device for performance reasons. You choose which photos to use.
• Music Files: When using Spotify integration, music data is streamed for playback during screensaver operation. This integration is optional.

Data We Collect and Share with Third Parties

• App Interactions: Usage data such as app launches and screensaver starts are collected and shared with Google's Firebase Analytics service to help us understand app performance and user engagement.
• Crash Logs and Diagnostics: Error data is collected and shared with Google's Firebase Crashlytics service to identify and fix application issues, improving stability and security.
• Device IDs: Device information and identifiers may be collected and shared with Google's Firebase services for analytics purposes and potentially for advertising functionality.

How We Use Your Information

We use the collected information for the following purposes:

• To Provide and Maintain the Service: We use your email and authentication data to verify your identity and provide access to features like Google Photos integration.
• To Improve Our Service: Analytics data helps us understand how users interact with our app, allowing us to enhance the user experience.
• To Detect and Fix Issues: Crash logs and diagnostics help us identify and resolve technical problems.
• To Personalize Your Experience: Your preferences and selected content (photos, music) are used to customize the screensaver experience.

Data Protection and Security

Data Storage and Retention

PhotoStreamr handles data according to the following practices:

• Local Storage: User credentials, email addresses, and authentication tokens are stored locally on your device using AES256_GCM encryption via EncryptedSharedPreferences.
• Temporary Data: Photos may be cached locally for performance reasons while the app is in use.
• Third-Party Services: App analytics, crash reports, and device identifiers are stored on Google's Firebase servers according to their data retention policies.

Secure API Access

We use OAuth 2.0 for authentication, ensuring that user credentials are never stored or exposed. Access tokens are securely handled and stored in a way that prevents unauthorized access. All communications between your device and third-party APIs are encrypted using industry-standards to protect user data from interception.

Google Data Access

When using the Application, you may link your Google account. This may include details such as your name, email, and profile image. We access Google user data to allow you to browse and manage your Google Photos. This includes:

• Your name, email, and profile image (for personalization).
• Google Photos read-only library access (for core functionality).

We do not store your Google data on our servers. All data remains on your device or is managed through Google's secure APIs.

Analytics and Advertising

PhotoStreamr uses third-party services to help us understand how our app is used and to support our service through advertising:

Firebase Analytics

We use Google's Firebase Analytics to collect information about how you interact with our app, including:

• App launch events and session duration
• Screensaver usage patterns (start, stop, duration)
• Photo display metrics (load time, cache usage)
• Settings changes
• Basic device information (model, Android version)

This data is shared with Google to provide us with insights that help improve the app. This collection is required for app functionality and cannot be disabled.

Firebase Crashlytics

We use Google's Firebase Crashlytics to collect crash reports and diagnostic information when the app encounters errors. This data is shared with Google to help us identify and fix issues, improving app stability and security. This collection is required and cannot be disabled.

Advertising

We may display advertisements within the app. When ads are shown, advertisers may collect device identifiers and app interaction data to provide relevant advertising content. The advertising ID permission (com.google.android.gms.permission.AD_ID) is used for this purpose. This data is shared with advertising partners as part of standard advertising operations.

Use of the IAB Transparency and Consent Framework (TCF)

PhotoStreamr integrates with the IAB Europe's Transparency and Consent Framework (TCF) to manage user consent for advertising and data collection in compliance with the General Data Protection Regulation (GDPR).

We use Google's User Messaging Platform (UMP), a consent management solution based on TCF v2.2, to:

• Obtain and manage user consent for the collection and use of personal data
• Provide options for personalized or non-personalized advertising
• Ensure consent preferences are respected across participating ad vendors
• Allow users to withdraw or update consent at any time via the app's settings

This framework enables us to be transparent with users and compliant with privacy regulations. To learn more, visit IAB Europe's TCF.

Third-Party Access

User data may be shared only in the following situations:

• With Google's Firebase services for analytics and crash reporting purposes
• With advertising partners when ads are displayed in the app
• To comply with legal obligations, such as responding to subpoenas or legal inquiries
• When necessary to protect user security, prevent fraud, or cooperate with law enforcement
• With service providers working on our behalf who comply with this privacy policy

Your Choices and Control

You have several options to control how your data is collected and used:

• Optional Features: Spotify integration and photo selection are optional features you can choose not to use.
• Permission Controls: You can manage location permissions through your device settings. Without location permission, location-based features will not function.
• Account Disconnection: You can disconnect your Google account at any time through the app settings or by revoking access in your Google account settings.
• Advertising Preferences: You can reset your advertising ID or opt out of personalized advertising through your device settings.
• Uninstallation: Removing the app from your device will stop all data collection. Note that data already shared with third parties will remain subject to their privacy policies.

Children's Privacy

PhotoStreamr does not knowingly collect data from individuals under the age of 13. If you believe that a child has provided personal information, please contact us so we can take appropriate action.

Your Data Access and Control

PhotoStreamr primarily stores user data locally on your device. For data we collect and share with third parties (analytics, crash reports, and advertising data), your control options are more limited. Here's what we can provide:

• Access to local data: Your Google account email and authentication tokens are stored securely on your device using encryption (AES256_GCM via EncryptedSharedPreferences).
• Account disconnection: You can disconnect your Google and Spotify accounts at any time through the app settings or by revoking access in your respective account settings.
• Data deletion: You can clear all local app data by using the app's reset function or by uninstalling the app. This will remove all stored credentials, cached photos, and preference settings from your device.
• Permission controls: You can manage location permissions through your device settings, which will affect the weather widget functionality.
• Third-party data: For data shared with Google services (Firebase Analytics and Crashlytics), we cannot directly provide access, correction, or deletion. This data is handled according to Google's privacy policies.

To exercise these options, please use the relevant features within the app or contact us using the information provided below.

Policy Updates

We may modify this Privacy Policy over time. When we make significant changes, we will notify users through the app or by other means. Please review this policy periodically, as continued use of the app signifies agreement with any updates.

Last Updated: April, 2025